Valletta Cruise Port Plc Privacy Information Notice pursuant to GDPR and Turkish Personal Data Protection Law no. 6698. Valletta Cruise Port Plc (VALLETTA CRUISE PORT) registered in Vault 1, Upper Floor, Pinto Wharf, Floriana FRN 1913, Malta acting as data controller, and the companies of our group (as mentioned at section 2.c) of this notice), acting as data processors (collectively, “we” or “us”), are committed to the fair processing of the passengers’ personal data (“your data”). In order to provide you with a great cruise port experience, we collect personal data about you on different occasions, such as when you browse the website http://www.vallettacruiseport.com, when you use our port. Please read carefully this information notice, which is based on article 13 of the General Data Protection Regulation (Reg. (EU) 2016/679 simply “GDPR”) For any doubts regarding the content of this document, please contact our designated Data Protection Officer via email at email@example.com. You can also send requests in writing to Vault 1, Upper Floor, Pinto Wharf, Floriana FRN 1913, Malta; in that case, please specify “For the Attention of the Data Protection Officer” on the envelope.
Why, When and How we collect personal data about you and Categories of data recipients and personal data transfer
This privacy notice tells you what to expect when VALLETTA CRUISE PORT collects personal information about you, in this case, static or moving imagery via CCTV or surveillance systems as you pass through the related ports. VALLETTA CRUISE PORT also collects personal data via port surveys and wireless internet in addition to subscription tool on VALLETTA CRUISE PORT website. VALLETTA CRUISE PORT is committed to protecting your personal information, safety and security when you use VALLETTA CRUISE PORT services. We are legally obliged to use your information in line with all applicable laws concerning the protection of personal data, including the General Data Protection Regulation (GDPR).
When you use VALLETTA CRUISE PORT we may collect static or moving imagery via CCTV or surveillance systems. GPH collects imagery via CCTV cameras and surveillance devices located throughout the ports, in landside (public)
VALLETTA CRUISE PORT may use CCTV/surveillance imagery for a number of purposes including but not limited to the following:
• To maintain the safety and security of the ports for our passengers, colleagues and stakeholders, including but not limited to control authorities, national security, detection and prevention of crime and aviation security
• To monitor flows and demand throughout the ports to optimise resourcing and passenger experience
• To support the effective management of the ports operation and any incidents
• For investigative purposes or as evidence to support any formal follow-up to ports incidents
• In response to a subject access request.
We will keep your information within VALLETTA CRUISE PORT’s ports except where disclosure is required by law, for example to government bodies, law enforcement agencies or in response to a subject access request. Your information may very occasionally be processed outside of the EU for the purposes of system maintenance and support or for the purposes of international security and crime prevention.
b) Customers and Partners
VALLETTA CRUISE PORT collects personal information about customers/partners or prospective customers/partners contact persons to be able to manage the customer relationship, to market our products and services, to be able to communicate with our stakeholders and perform business and contract negotiations, maintain and develop the customer relationship and to fulfil our obligations resulting from customer relationships. We also send newsletters, feedback questionnaires or invitations to our events. The information is collected from the person him/herself or from our customers.
Legal basis for the processing of personal information is the legitimate interest of VALLETTA CRUISE PORT to be able to manage the customer relationship and to develop its business.
VALLETTA CRUISE PORT collects personal information of its suppliers’ contact persons and about external service providers working at VALLETTA CRUISE PORT. We collect information also from other important stakeholders that are otherwise regarded important to our business. The information is collected from the person him/herself, from their employer or from public sources. We use the data for the following purposes:
• to manage the relationship between these stakeholders
• to communicate with our suppliers and other important stakeholders
• to send invitations to our events
• to be able to assess the fulfilment of defined requirements, skills and competences. These requirements come straight from legislation or are defined by VALLETTA CRUISE PORT. We for example need to ensure that people working in production sites have a valid contract and needed permits as well as that person have completed required trainings
• to manage and provide work orders
• to comply with local legal obligations concerning external employees
For external personnel that needs a long-term or permanent access card to VALLETTA CRUISE PORT’s sites or premises, VALLETTA CRUISE PORT asks for security clearance to be performed by authorities.
We use the information for our legitimate interest to manage the relationship with these stakeholders, to develop our business and also to comply with local legal obligations. The processing is based also on our legitimate interest to ensure safe working environment and to secure our assets.
c) Companies of our group
Global Ports Holding Plc, all of its dependent Group companies, affiliated companies. “Dependent” in this instance means that Global Ports Holding Plc may enforce the adoption of this Data Protection Policy directly or indirectly, on the basis of voting majority, majority management representation, or by agreement. All companies are processing the personal data in compliance with the GDPR.
Depending on the country where you are based at, your personal data could be processed by one of the companies of our group, acting as data processors upon instructions from the data controller.
Personal data of data subjects in the EU is not usually shared with companies of our group that are located outside of Europe. However, should data need to be transferred to a non-EU/EEA country, GPH will adopts relevant safeguards to ensure that the transfer is carried out in compliance with the applicable privacy legislation, in particular the provisions of the GDPR.
How long we store the data
In accordance with Article 5.1(e) GDPR, the personal data that we collect is kept in a form which permits the identification of data subjects for no longer than is necessary for the purposes for which the personal data are collected and processed in each specific case, and in any case not longer than as specified by the relevant applicable laws.
We have defined a Corporate Data Retention Policy that specifies the time frame for data processing at the end of which all copies of the personal data are either destroyed or anonymised using adequate techniques that do not permit the re-identification of the data subject.
Your data subject rights
Under the General Data Protection Regulation, you will have the right to, where appropriate:
• Access your personal data by making a subject access request
• Rectification, erasure or restriction of your information
• Object to the processing of your information
To exercise your rights please contact the VALLETTA CRUISE PORT Data Protection Officer using the following contact details:
Data Protection Officer
Valletta Cruise Port Plc
Vault 1, Upper Floor, Pinto Wharf, Floriana FRN 1913, Malta Or email firstname.lastname@example.org
Changes to this Information Notice
VALLETTA CRUISE PORT reserves the right to update, modify, add or remove portions of this information notice at any time. In such case, we will post the reviewed Information Notice on this page; the date of the “Last update” will also be changed below and a banner will be displayed on the Website to draw your attention to the fact that changes have been made.
Each version of the information notice takes effect from the moment it is published on the Website. Significant changes to the processing of your personal data will require your approval, in accordance with the applicable legislation. You are responsible for reviewing this document from time to time in order to make sure that you are aware of the current version. If you would like to obtain a prior version of the information notice, please contact us using our contact details provided in section 4 of this notice.
Cookies are small text files sent by websites to users’ browsers for the purpose of automatic authentication, session tracking and storing of specific information regarding users.
There are essentially three types of cookies used on this website:
Required for navigation within the site and to use some of its functions (e.g. timing the display of certain pages in so-called “pop-up” mode etc.). Statistical cookies (Google Analytics)
Supplied and managed by Google to provide a statistical analysis of access to the website. The information is solely collected anonymously and in aggregate form and no personal user data is retained. You can decide not to use Google Analytics cookies by following the instructions at the following link: https://tools.google.com/dlpage/gaoptout?hl=en
Supplied and managed by third parties to generate specific advertising messages based on browsing habits and the interests of individual users. These cookies do not, however, use sensitive user data. This Website currently uses Google Doubleclick cookies. For more information, including information to opt out from the cookie, please click the following link: http://www.google.com/policies/technologies/ads/
VALLETTA CRUISE PORT is fully committed to ensuring that your privacy is respected at all times and that the personal data processing put in place is compliant with the applicable data protection legislation. If you have any doubts or questions about the data processing carried out by us or by one of the companies of our group, please contact us using our contact details provided in Data Protection Office section of this notice.